Messages

1

General Discussion / Re: LAN, DMZ and two gateways: problem

« on: January 22, 2024, 07:21:13 pm »

In my case I think that OPNsense _is_ the router.

There are four NICs and I basically would love to be able to route traffic from DMZ out to internet via WAN-interface (and keep the LAN tied to FC interface).

Only can't figure out how on earth...

hank

2

General Discussion / LAN, DMZ and two gateways: problem

« on: January 22, 2024, 04:43:40 pm »

Hello

I have setup a system with two gateways WAN (5G static IP) and FC (fiber, DHCP).
I also have two interfaces: LAN and DMZ.
On DMZ there is a web server and a database server.
Internet users come in through the WAN IP. LAN goes out via FC.
I have a firewall rule that passes traffic from WAN (static) IP on ports 80 & 443 to the server in DMZ and it works flawlessly both from LAN as well as from Internet.

I thought great, it's fine. Only it wasn't.

Now I see that going out from the web server doesn't work at all.
Can't get DNS, can't update OS, heck can't even ping to 8.8.8.8.
Probably most of the things might work fine, if I only could route the DMZ computer to Internet via that WAN interface. At least I think it might.
Only haven't been able to figure it out at all how to achieve it.
Can anybody explain how to implement that? Spoon-fed would be great but I try to understand things on a higher level also if at all possible.

wbr
hank

P.S. If you ask me why, my FC doesn't currently allow traffic from http(s) in so O'm stuck with 5G for the server.

3

Hardware and Performance / Re: One network card not found

« on: January 14, 2024, 03:50:11 pm »

Thank you.

I try to find another NIC, feels simpler to me

hank

4

Hardware and Performance / One network card not found

« on: January 14, 2024, 08:49:28 am »

I have a PC setup with one motherboard NIC plus 3 Ethernet NIC via 3 PCI slots.

I have installed OPNsense firewall with currently LAN, DMZ and WAN interfaces. The current WAN is via 5G but I also have a fiber that I am trying to add. But there are only three interfaces visible (re0, re1 and re2). The computer used to be an Ubuntu earlier (like a day ago) and I am quite positive that all four NICs were functional.

Any ideas how to by-pass this problem?

wbr

hank

5

General Discussion / Re: Can I do this setup with OPNsense?

« on: January 12, 2024, 03:53:44 pm »

Thank you.

I really appreciate the pointer to policy based routing. I am basically a programmer and a lesser extent an admin and even lesser network guy but let's find out how things torn out.

I will probably try this in this weekend. Fortunately I have an extra HDD so in case of emergency I can "go back" to the Linux installation if things go badly just by exchanging the disks...

wbr

hank

6

General Discussion / Can I do this setup with OPNsense?

« on: January 12, 2024, 08:43:18 am »

Hello I am (hopefully) a new OPNsense user and have a bit peculiar home office setup. I am currently using an Ubuntu based firewall but would need something a bit stronger firewall/router using the current PC hardware.

So I would like to know if it is possible to build an OPNsense FW with the following setup:

I have two WANs (5G and FC). I would also like to have two LAN interfaces: DMZ for servers and LAN for family members, printers, WLAN.

I just got the FC and for that I would prefer routing DMZ to internet via 5G (which has fixed IP) and LAN via FC (and later also moving DMZ to use FC  if/when DDNS works / or I get the fixed IP via FC). I try to minimize the hassle with the external users of DMZ servers.

So does this look like an acheivable goal usin OPNsense?

wbr

hank